Epoptes

How to disable "execute --> open command line --> root local, root remote, user local

Asked by Markus Weich

Hi folks,
I have installed epoptes in our school. One pc is teacher pc, 20 pc's for the pupil (no ltsp!!!, every computer runs on his own).
Everything works fine.
However, I don't like the idea that every teacher (in group SOCKET_GROUP=TEACHERS) can execute arbitrary commands as user root on every pc in the classroom via "execute --> open command line --> root local. E.g. a teacher might call rm -R /* or su into another teachers account and do all kinds of things.
Is there a way to disable "execute --> *" on the server epoptes?
Best would be, if one can specifically allow it for some users and deny it for the rest of SOCKET_GROUP.
I assume one has to change the python source for this?
Can somebody help, please?
Thanks, Markus

Question information

Language:
English Edit question
Status:
Answered
For:
Epoptes Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Fotis Tsamis (ftsamis) said : 		#1

Hello Markus,

Currently this is not supported. I created a bug report from your question.

One solution would be for each epoptes user to have his own key, and setup in the daemon what actions are permitted for each key.

Regards,
Fotis

Revision history for this message
Fotis Tsamis (ftsamis) said : 		#2

See above.

Can you help with this problem?

Provide an answer of your own, or ask Markus Weich for more information if necessary.

To post a message you must log in.